On December 13, 2017, the United States Court of Appeals for the Eleventh Circuit held that an independent sales organization can be held liable for all damages suffered by consumers as a result of a merchant’s violation of the Telemarketing Sales Rule (“TSR”). The court rejected the ISO’s argument that its liability should be limited to the fees it received from the merchants as a result of the merchants’ processing activities.

We previously reported on this case when the action was first filed by the FTC, back in 2013. The complaint alleged that Newtek Merchant Solutions, the ISO, and its President, violated the TSR. The TSR provides that it is a deceptive telemarketing act, and a violation, for a person to provide substantial assistance or support to any telemarketer when that person knows or consciously avoids knowing that the telemarketer is engaged in a deceptive telemarketing act, as defined in the regulation.

Lesson One: An officer of an ISO may be held personally liable for violations of the TSR.

The FTC maintained that Newtek’s payment processing services enabled the charges on consumers’ card accounts to clear through the card networks, and that without the ISO’s assistance, it would have been impossible for the merchant to charge consumers fees for its deceptive interest rate reduction services. Further, Newtek allegedly knew that many of the merchants’ accounts were connected to operations that were likely engaged in fraud. The underlying scheme involved the merchants’ promises that they would reduce the interest rates on consumers’ credit cards if they paid between $600 – $1,000 to the merchants. The scheme generated more than $2.5 million in credit card payments.

According to the Court, “despite several glaring red flags” including an unusually high number of chargebacks, the ISO opened one and then a second merchant account. In a previous action, the FTC prevailed against the ISO and its President in holding them liable for the fraud perpetrated by the merchants.

Lesson Two: An ISO may be liable under the TSR for the fraud perpetrated by one of its merchants. Be careful who you agree to process for.

The issue in the December action was the amount of the damages to be awarded against the ISO.

The Court of Appeals held that “a violation of the TSR’s substantial assistance rule can support joint and several liability to the extent of the unjust gains.” It rejected the ISO’s argument that damages should be apportioned between the defendants or that the ISO should only be obligated to disgorge the amount of the fees the ISO retained from processing credit card transactions.

Lesson Three: An ISO may be liable for all damages incurred as a result of its fraudulent merchant.

This opinion appears to be the first of its kind interpreting the liability provisions of the TSR as applied to ISOs. It is a wake-up call that ISOs must listen to in order to avoid potential exposure far exceeding the amount of processing revenues.

On March 29, 2017, the United States Supreme Court issued its long-awaited decision on the litigation surrounding the New York law that prohibits surcharges. In Expressions Hair Design, et al. v. Schneiderman, Attorney General of New York, et al., the Supreme Court was asked to decide whether a New York law prohibiting merchants from charging credit card users a surcharge above the sticker price was constitutional. The practical outcome of the Supreme Court decision is that it does not definitively answer whether the 10 state laws that prohibit surcharges are unconstitutional. The technical outcome is that the Court remanded, or sent back, the case to the lower court, requiring the lower court to determine whether the law is an unconstitutional violation of the First Amendment.

The Court first reviewed the history of efforts to pass along interchange costs to consumers. The Court noted that merchant contracts historically barred merchants from charging credit card users higher prices than cash customers, which Congress put a stop to when it passed the Truth In Lending Act. That law prevented surcharges and it prevented merchants from giving discounts to cash customers. When Congress allowed the federal surcharge ban to expire, ten states, including New York, enacted their own surcharge bans.

The merchants in the Expressions Hair Design case were five New York businesses who wished to impose surcharges on customers who used credit cards. As a result, they wanted to advertise their prices by posting a cash price and a price which included a surcharge.

The pivotal issue was whether the surcharge ban regulated conduct, i.e., was a price regulation, rather than speech. Because the statute told merchants nothing about the amount they were allowed to charge, the Court concluded that the law regulates how sellers communicate their prices, not what they charge. “In regulating the communication of prices rather than prices themselves, [the New York law] regulates speech.”

The Supreme Court, having determined that the law regulates speech, and not conduct, sent the case back to the lower court to analyze whether it violated the constitutional right to free speech. The lower court had concluded that the law regulated conduct, and therefore did not analyze that issue.

As you may recall, ten states currently have laws banning surcharges. Many of these statutes also have been challenged on First Amendment grounds. In this case and in a parallel Texas case, the federal appellate courts upheld the state statute. In contrast, the Eleventh Circuit struck down Florida’s law governing surcharges.

The Supreme Court decision did not address whether the New York law was constitutional, but it did conclude that the statute regulated speech and had to be analyzed under First Amendment standards. That decision is binding on other courts. So, to the extent challenges to similar state statutes were rejected because the court did not think free speech was involved, those decisions will have to be revisited. The ultimate effect of this decision will depend on whether the case makes its way back to the Supreme Court after the lower court rules again, and how the courts interpret the various state laws that prohibit surcharges.

For now, industry companies should act as though the ten state laws that ban surcharging are still effective.

Regulatory Alert: State governments are now getting into the Operation Choke Point mode. Over the last few years the Federal Trade Commission and other federal agencies have tried to enforce their laws and regulations by cutting off fraudsters’ access to electronic payments networks. By choking off the flow of funds, the federal government puts the fraudsters out of business. This has come to be known as “Operation Choke Point.” Now state governments are getting into the act.

The most recent example comes from Arizona. The Arizona Attorney General has decided to target processors and acquirers in its attempt to enforce its ban on tobacco sales without state licensure. Relying on an Arizona law which prohibits any person from knowingly providing “substantial assistance” to a person who violates a tobacco product sales ban, the Arizona Attorney General seeks to have processors and acquirers prohibit the completion of any tobacco sales into Arizona by unlicensed merchants. In other words, the Arizona Attorney General, like the FTC before it, wants to turn processors into policemen.

And Arizona’s efforts are paying off. On April 14, 2016, Visa released an announcement advising acquirers that they must take immediate action to ensure that their merchants comply with all applicable laws related to the sale and shipping of cigarettes. Visa advised that acquirers must identify and terminate merchants that engage in illegal online cigarette sales. The Visa bulletin further noted that it is the acquirers’ responsibility to confirm that all transactions introduced into the Visa system by their merchants are legal in both the buyers’ and sellers’ jurisdictions.

To protect the integrity of the payments system, acquirers and ISOs are required to review their merchant portfolios to identify any merchants that sell cigarettes online and then take the following concrete actions:

Underwrite the principal owners to validate their eligibility to hold a merchant account;

Carefully examine the merchant’s website to make sure they are not engaged in illegal activities, have appropriate shipping restrictions in place, and are not circumventing cigarette tax laws;

Use a mystery shopper to confirm compliance;

Confirm the merchant is not on the list created under the Prevent All Cigarette Trafficking Act;

Recheck the MATCH list; and

Terminate merchants that are identified as violating applicable laws.

Visa warns that violations of Visa Rules will result in substantial non-compliance assessments.

We expect that other states and agencies will jump on the band wagon in the near future and use the payment networks as leverage to put an end to conduct that they may not have a capacity to regulate on their own. Higher scrutiny of merchants engaged in regulated activities prior to on-boarding is well-advised.

The payments world is in a constant state of change, and the requirements surrounding clauses that must be included in card processing agreements with merchants are no exception. Typically, language that must appear in merchant contracts is handed down from the card brands. To remain compliant with those constantly-evolving requirements a close eye on card brand rule revisions has been essential. But now states are getting into the act as well.

Tennessee provides the latest example. Effective March 1, 2016, Tennessee requires that all merchant agreements disclose certain terms, such as the effective date and term of the contract, the circumstances surrounding early termination or cancellation, and a complete schedule of all fees applicable to card processing services. These requirements are benign enough, as the vast majority of commercial contracts already contain those provisions.

But here comes the sticky part. In addition to the above, the Tennessee statute requires the payment acquirer to provide monthly statements. So far so good – everyone provides monthly statements. However, the law mandates that certain data points be included in each monthly statement, including an itemized list of all fees assessed since the previous statement, the total value of the transactions processed, and, if the acquirer is not a bank, an indication of the “aggregate fee percentage”. The aggregate fee percentage is calculated by dividing the fees by the total value of processed transactions during the statement period.

The troubling requirement is the last one: that any non-bank payment acquirer include in monthly statements the fees imposed, calculated as a percentage of the total value of the transactions processed during the statement period. Currently such a calculation is not determined, so systems will need to be revamped to include that information in statements.

And a determination will need to be made as to who, exactly, this requirement applies to. The law says it is imposed on non-bank payment acquirers. Certainly that includes payment facilitators. But if both an ISO and a bank are a party to a merchant agreement and provide the statement, does the aggregate fee percentage need to be included in the monthly statement? It’s not clear. A conservative interpretation would suggest that if any non-bank is a party to a merchant agreement, the aggregate fee percentage should be disclosed each month.

Interestingly, the remedy for non-compliance with the Tennessee law is limited to an option by the merchant to terminate the contract. Before the merchant may cancel the agreement, it must give the acquirer 30 days’ notice. If the non-compliance is cured, then the merchant is not permitted to terminate the agreement.

ISOs, banks, and processors should review the new Tennessee statute to ensure compliance with its provisions. And now that the payments industry is on the radar of state legislators, card processors will need to monitor state law developments to keep up with shifting obligations.

Given the importance of payment infrastructure to the global economy, and the lucrative prospects of owning or running such infrastructure, it will come as little surprise that many entrepreneurs are racing to develop new payment solutions and large payment companies have been on acquisition sprees as they seek to update and build out their existing networks.

This focus on developing new payment systems and enhancing existing payment systems has caught the attention of the Consumer Financial Protection Bureau (“CFPB”). For the benefit of those working to develop and improve their payment systems, the CFPB has issued nine consumer protection principles to keep in mind in connection with such development:

1. Consumer Control Over Payments. Consumers should have control over payments, including their authorizations, the length of time for which such authorization is valid, and the ability to revoke an authorization.

2. Data and Privacy. Consumers should be kept informed as to how their data is used, who has access to their data, and potential risks associated with transfer of their data. Data collected should only be used to benefit consumers, and consumers should be able to specify what data is accessible by third parties.

3. Fraud and Error Resolutions Protections. The system should incorporate protections against mistaken, fraudulent, unauthorized, and erroneous transactions. The system should also create adequate records for post-transaction evaluation, allow the reversal of erroneous and unauthorized transactions, and comply with all regulatory requirements.

4. Transparency. Consumers should have real-time access to information about each transaction, such as payment confirmations and receipt of funds, as well as timely disclosure of costs, risks, fund availability, and security.

5. Cost. Fees charged to consumers should be disclosed in a way which allows consumers to compare the costs of using different payment options and should not obscure the full cost of making or receiving a payment.

6. Access. The system should be broadly accessible to consumers, widely accepted by businesses and other consumers, and permit access to such system through qualified intermediaries.

7. Funds Availability. The system should provide fast guaranteed access to funds.

8. Security and Payment Credential Value. The system should have built in protection to detect and limit errors, unauthorized transactions, and fraud. These protections should safeguard against and respond to data breaches. The System should enable gateway institutions to offer enhanced security protections and limit the value of consumer payment credentials.

9. Accountability Mechanisms. The system should align the incentive of system operators, participants, and end users. Commercial participants should be accountable for the risks, harm, and costs they introduce into the system and should be incentivized to prevent and correct fraudulent, unauthorized, or erroneous transactions. The system should also have automated monitoring capabilities, incentives for participants to report misuse, and transparent enforcement procedures.

We recommend that those companies running or developing any type of payment system accommodate the above principles in their development process. As this is a rapidly changing area of the law, we also recommend staying up to date with the latest requirements and recommendations of the CFPB and other applicable regulatory agencies.

– James Kramer, Attorney, Jaffe Raitt Heuer & Weiss, P.C.

James Kramer

James is a member of the firm's Electronic Payment Group, Corporate Group and Business Transactions Group. James counsels clients on contractual, regulatory, and compliance matters as well as on purchases, sales, mergers, and acquisitions. He routinely advises and negotiates on behalf of financial institutions and entities in the electronic payments industry.

What do you do when your exclusive agent starts referring merchants to a different processor? What if your residuals from your ISO are cut off, or if you don’t receive the hold-back payment from the buyer of your merchant portfolio?

These are the kind of disputes that regularly arise in the payments industry and which require immediate attention. What should you do when faced with them?

First, gather up all relevant documents, including written agreements, emails and letters concerning the dispute as well as information that supports the other side. Then, reach out to a lawyer knowledgeable and experienced in the industry. Knowledge of the payments business is critical because courts will look to industry standards in interpreting contractual ambiguities.

Should you file a lawsuit right away? We typically recommend, instead, that a demand letter be sent. A demand letter lays out in some detail what your grievances are, why the contract or parties’ dealings support your position, and what you want the other side to do. If you are the recipient of a demand letter, gather up the same materials and get them to your counsel right away.

The principal goal of a demand letter is to begin a discussion to reach a resolution of the dispute. A resolution of a dispute, however, is not the same thing as capitulation. It involves compromise and negotiation. Why compromise? Because litigation is expensive, time-consuming, distracting and the end result is always uncertain. A negotiated resolution to a dispute is far preferable to one costing tens of thousands of dollars and dragging on for months if not years.

Of course, some disputes cannot be resolved amicably or are of such dire importance that immediate court intervention is necessary. Under such circumstances, litigation may be the only recourse.

Litigation starts with preparing a complaint which sets forth facts and the plaintiff’s claims. That document is filed with the court and is served on the other side. The other side usually has 20 to 30 days to answer depending on the state. The next step is usually written discovery, meaning a set of questions which need to be answered. Following written discovery, usually depositions are taken where lawyers question witnesses under oath. Once all discovery is complete, the parties often will file motions for summary judgment. A motion for summary judgment asks the court to rule that there are no issues of fact requiring trial and that, as a matter of law, you are entitled to prevail on your claims. Preparation of a good motion for summary judgment is an arduous task requiring the summation of all of the evidence gathered through the discovery process. If the court finds that it is unable to grant summary judgment for either side, then the case will proceed to trial.

Litigation can be a lengthy, costly and distracting process. It will consume many hours of internal personnel time. Conventional wisdom says that 99% of commercial litigation matters get resolved before trial. There is, therefore, no reason why a resolution could not have been reached at the demand letter stage rather than after 12 months of discovery and tens or hundreds of thousands of dollars of expense. If you provide your lawyer with all relevant information at the outset of the dispute, significant costs may be avoided with little, if any, difference in the ultimate outcome.

In the age of greater regulatory scrutiny on the ISO business, here’s a shout-out to FinCEN, who recently ruled that ISOs and processors are not money transmitters under the Federal Bank Secrecy Act (BSA).

In a refreshingly straight-forward administrative ruling dated August 27, 2014, the Financial Crimes Enforcement Network (FinCEN) clarified that an ISO company’s activities marketing card processing services to merchants does not make the company a money transmitter under FinCEN regulations. Because the ISO neither accepted nor transmitted funds on behalf of the merchants it solicited, nor on behalf of the sponsor bank, it did not satisfy a critical component of a money transmitter: that of transmitting funds.

The ruling also set forth a four part test to determine whether payment processing activities fit within a payment processor exemption to the money transmitter definition. In order for the payment processor exemption to apply, the processor:

1. must facilitate the purchase of goods or services,

2. must operate through clearance and settlement systems that admit only BSA-regulated financial institutions,

3. must provide the service pursuant to a formal agreement, and

4. must have an agreement with the seller or creditor that provided the goods or services and receives the funds.

The question of whether or not ISOs and processors qualify as money transmitters under Federal law has dogged the industry for some time. This ruling finally clarifies that traditional ISOs do not qualify as money transmitters, and that as long as processors satisfy the above conditions, they will not be deemed a money transmitter under the BSA.

Unfortunately state law still must be reckoned with, and remains murky. Each state has its own money transmitter law, and a similar ruling would need to be obtained from each state to fully settle the issue. But the FinCEN action will make an easier case in front of state regulators that the activities of ISOs and processors should not render them money transmitters under state statutes.

Ms. Targan was honored at a reception held April 22 during the 26th Annual Card Forum & Expo in Orlando, Florida and was a featured panelist at the Women in Payments Leadership Exchange. Selected for her achievements in a traditionally male dominated industry, Targan is one of only 20 women recognized for helping redefine the way people and businesses handle money.

As an employer, you must comply with the Fair Credit Reporting Act (“FCRA”) if you hire an outside third party, known as a “consumer reporting agency” to perform credit and background checks on employees and applicants. The information provided by a consumer reporting agency to an employer is referred to as a “consumer report” and such report can contain anything from information on an employee or applicant’s creditworthiness and reputation to information regarding their criminal history. While the FCRA contains many requirements related to consumer reports with which employers must comply, three basic notices employers are required to provide are:

1. Notice prior to obtaining a consumer report.

After obtaining written permission from an applicant or employee to obtain their consumer report, you must provide them with written notice that you might use information in their consumer report for decisions related to their employment – such as hiring, retention, promotion, reassignment, etc. This notice must be in its own document and cannot be contained within an employment application.

2. Notice prior to taking adverse action.

Before you reject a job application, reassign or terminate an employee, deny a promotion, or take any other adverse employment action based on information contained in a consumer report, you must give the applicant or employee a notice that includes a copy of the consumer report you relied on to make your decision and a copy of the FCRA document “A Summary of Your Rights Under the Fair Credit Reporting Act.”

3. Notice after taking adverse action.

If you take adverse action based on any information contained in a consumer report, you must notify the applicant or employee of that fact. This notice is called an “adverse action notice” and the FCRA sets forth specifics as to when and how the notice must be sent, in addition to what information the notice must include.

The FCRA is complex and contains potentially significant consequences for non-compliance. As an employer, you should review your processes and procedures to verify that you are not only sending out the appropriate FCRA notices but that you are in full compliance with all applicable provisions of the act.

Today the District of Columbia Court of Appeals upheld the Federal Reserve Board’s regulations interpreting the Durbin Amendment, and in so doing reversed the lower court’s decision invalidating those rules. Last July, Judge Leon of the U.S. District Court concluded that the Board’s regulations violated the Durbin Amendment statute’s plain language. Today the Court of Appeals disagreed, holding that the Board’s rules are a reasonable construction of the law.

The court noted that it reviewed the Board’s interpretation of the law directly, according no deference to the lower court’s ruling. In an opinion that is a marked departure from the lower court’s combative tone, today’s opinion logically analyzes each of the arguments advocated by the merchants and by the Federal Reserve Board, concluding that the Board’s interpretation of the Durbin Amendment language should stand.

The court remanded back to the Board one aspect of the Durbin regulation, requiring an explanation of the Board’s interpretation of the fraud prevention adjustment. In the meanwhile, the existing regulation remains in place.

Thus, unless and until today’s decision is appealed to the Supreme Court, both the interchange fee and the anti-exclusivity aspects of the current regulation govern.